lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1266522700.2909.34.camel@sbs-t61.sc.intel.com>
Date:	Thu, 18 Feb 2010 11:51:40 -0800
From:	Suresh Siddha <suresh.b.siddha@...el.com>
To:	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
Cc:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"hpa@...or.com" <hpa@...or.com>,
	"rostedt@...dmis.org" <rostedt@...dmis.org>,
	"jeremy@...p.org" <jeremy@...p.org>,
	Ingo Molnar <mingo@...hat.com>,
	Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [LKML] Re: [PATCH] x86_64: allow sections that are recycled to
 set _PAGE_RW

On Tue, 2010-02-16 at 14:13 -0800, Konrad Rzeszutek Wilk wrote:
> On Sat, Feb 13, 2010 at 12:08:17PM -0800, Suresh Siddha wrote:
> > The checks in static_protections() for kernel text mapping ensure that
> > we don't break the 2MB kernel text pages unnecessarily on 64bit kernels
> > (as it has performance implications). We should be fine as long as the
> > kernel identity mappings reflect the correct RW permissions.
> > 
> > But somehow this is working fine on native kernels but not on Xen pv
> > guest. Your patch will cause the performance issues that we are
> 
> That would not be good.
> 
> > addressing using the static protections checks. I will look at this more
> > detailed on tuesday.
> 
> Great. Thank you for doing that. If you find yourself in a bind, here are
> some steps on how to build the Xen pv-ops kernel and such:
> http://wiki.xensource.com/xenwiki/XenParavirtOps
> 
> It goes without saying that I would be happy to test your patch when
> you have one ready.

x86 folks, can you please queue the appended patch? If you think it is
too late for 2.6.33, I added a "cc: stable", so that they can pick this
up for both .32 and .33. Thanks.
---

From: Suresh Siddha <suresh.b.siddha@...el.com>
Subject: x86_64, cpa: don't work hard in preserving kernel text 2M mapping when using 4K already

We currently enforce the !RW mapping for the kernel mapping that maps
holes between different text, rodata and data sections. However, kernel
identity mappings will have different RWX permissions to the pages mapping to
text and to the pages padding (which are freed) the text, rodata sections.
Hence kernel identity mappings will be broken to smaller pages. For 64-bit,
kernel text and kernel identity mappings are different, so we can enable
protection checks that come with CONFIG_DEBUG_RODATA, as well as retain 2MB
large page mappings for kernel text.

Konrad reported a boot failure with the Linux Xen paravirt guest because of
this. In this paravirt guest case, the kernel text mapping and the kernel
identity mapping share the same page-table pages. Thus forcing the !RW mapping
for some of the kernel mappings also cause the kernel identity mappings to be
read-only resulting in the boot failure. Linux Xen paravirt guest also
uses 4k mappings and don't use 2M mapping.

Fix this issue and retain large page performance advantage for native kernels
by not working hard and not enforcing !RW for the kernel text mapping,
if the current mapping is already using small page mapping.

Reported-by: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
Signed-off-by: Suresh Siddha <suresh.b.siddha@...el.com>
Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
Cc: stable@...nel.org	[2.6.32, 2.6.33]
---

index 1d4eb93..cf07c26 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -291,8 +291,29 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address,
 	 */
 	if (kernel_set_to_readonly &&
 	    within(address, (unsigned long)_text,
-		   (unsigned long)__end_rodata_hpage_align))
-		pgprot_val(forbidden) |= _PAGE_RW;
+		   (unsigned long)__end_rodata_hpage_align)) {
+		unsigned int level;
+
+		/*
+		 * Don't enforce the !RW mapping for the kernel text mapping,
+		 * if the current mapping is already using small page mapping.
+		 * No need to work hard to preserve large page mappings in this
+		 * case.
+		 *
+		 * This also fixes the Linux Xen paravirt guest boot failure
+		 * (because of unexpected read-only mappings for kernel identity
+		 * mappings). In this paravirt guest case, the kernel text
+		 * mapping and the kernel identity mapping share the same
+		 * page-table pages. Thus we can't really use different
+		 * protections for the kernel text and identity mappings. Also,
+		 * these shared mappings are made of small page mappings.
+		 * Thus this don't enforce !RW mapping for small page kernel
+		 * text mapping logic will help Linux Xen parvirt guest boot
+		 * aswell.
+		 */
+		if (lookup_address(address, &level) && (level != PG_LEVEL_4K))
+			pgprot_val(forbidden) |= _PAGE_RW;
+	}
 #endif
 
 	prot = __pgprot(pgprot_val(prot) & ~pgprot_val(forbidden));


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ